You can certainly state the technologies you use. Their signature is often on everything from a hacker perspective anyway. The trick is you have to commit to vigilance with the security updates. Saying CentOS means that when a CentOS exploit is announced, for example, you need to be patched the same day the patch or workaround is available or be vulnerable.
Any given question on these topics will be better, and more currently, addressed here: https://www.owasp.org/. Web security is rarely Perl specific.